Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Kanishk Mittal (KanishkM2601)
Intersystems Corporation

Intersystems Corporation
US
KanishkM2601 Member since 2022 1 post
Intersystems Corporation
Posted: Oct 17, 2023
Last activity: Apr 23, 2024
Posted: 17 Oct 2023 17:54 EDT
Last activity: 23 Apr 2024 8:12 EDT
Closed
Solved

SHA 256

I have an endpoint that is pinged by a web hook I have set up. 

One of the parameters in the header of this incoming request is my client secret hashed with the message body using SHA 256.

What is the best way to authenticate such requests? I don't see any options for SHA-256 in Pega 8.7.3 that supports hashing my client secret with the message body.

To see attachments, please log in.
Pega Sales Automation 8.7
Java and Activities
Solutions Engineer

  • Kanishk Mittal Vlad S. Leonte Norbert Hresko

Accepted Solution

Posted: 1 year ago
Updated: 1 year ago
Posted: 8 Apr 2024 8:25 EDT
Updated: 23 Apr 2024 8:12 EDT
Marije Schillern (MarijeSchillern)
MOD
Senior Knowledge Management Specialist
Pegasystems Inc.
GB

@KanishkM2601 does the information in the below post help at all?

Does Pega offer any support for Conjur API

In Pega 8.x, you can use the Token Profile and pxGenerateJWT activity to generate JWT tokens. You can specify the signature algorithm in the Token Profile, and the activity generates the JWT token accordingly. However, if you need to use a specific hashing algorithm like SHA-256 that is not available OOTB, you may need to write custom Java code to achieve this.

⚠ This is a GenAI-powered tool. All generated answers require validation against the provided references.

Reg Signing a message with RSA SHA 256 algorithm using a private Key

BYOK encryption Private Data requirements > AES Private data key encryption specification

Client Authentication using JWT Token(Pega 8.4)

To see attachments, please log in.

Accepted Solution

Posted: 1 year ago
Updated: 1 year ago
Posted: 8 Apr 2024 8:25 EDT
Updated: 23 Apr 2024 8:12 EDT
Marije Schillern (MarijeSchillern)
MOD
Senior Knowledge Management Specialist
Pegasystems Inc.
GB

@KanishkM2601 does the information in the below post help at all?

Does Pega offer any support for Conjur API

In Pega 8.x, you can use the Token Profile and pxGenerateJWT activity to generate JWT tokens. You can specify the signature algorithm in the Token Profile, and the activity generates the JWT token accordingly. However, if you need to use a specific hashing algorithm like SHA-256 that is not available OOTB, you may need to write custom Java code to achieve this.

⚠ This is a GenAI-powered tool. All generated answers require validation against the provided references.

Reg Signing a message with RSA SHA 256 algorithm using a private Key

BYOK encryption Private Data requirements > AES Private data key encryption specification

Client Authentication using JWT Token(Pega 8.4)

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice